NFC Device And Connection System Of NFC Devices

ABSTRACT

The present device aggregates all kinds of contactless services such as credit card, loyalty card, micro-payment, discount card, transport card, access control, e-ticket, parking, etc. An NFC (Near Field Communication) device comprises a host CPU, a memory, a GPRS modem controlled by the CPU to access Internet, a SIM holder, an antenna and a battery. The NFC device is shaped as a credit card and it also includes a touch-screen, able to implement technical functionalities to operate contactless services, visualize his ticket/coupon and consult the latest transaction, a secure element to store and execute the contactless applications, and a ST controller connected to Host CPU and to the SE.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is a Continuation-in-Part of U.S. patent applicationSer. No. 14/358,525, filed on May 15, 2014, which is a U.S. NationalPhase Entry of International Application No. PCT/EP2012/072784, filed onNov. 15, 2012, which claims priority to French Patent Application SerialNo. 11/03456, filed on Nov. 15, 2011, all of which are incorporated byreference herein.

BACKGROUND

The invention relates to a NFC (Near Field Communication) device shapedas a credit card with a touch-screen able to implement technicalfunctionalities and a connection system of NFC devices.

NFC technology development in the mobile communication field is growingup with the integration of contactless radio frequency identificationand interconnectivity. The functions of card reader, induction card andpeer-to-peer are integrated in a single chip. NFC technology involvesalso identification and data exchanges with compatible devices withinshort distance by inductive coupling of radio frequency. In particular,the NFC mobile phone allows the short distance wireless communicationand achieves a plurality of functions: electronic payment, tag reading,tickets system and data download.

SUMMARY

The problem is the aggregation of the more and more functions and theircompatibility. The goal of this device is to aggregate all kind ofcontactless services such as credit card, loyalty card, micro-payment,discount card, transport card, access control, e-ticket, parking, etc.The NFC device according to the invention is defined with combinationsof particular features of claims 1 to 10 and the connection system withthe combination of particular features of claim 11.

The device is connected to mobile Internet through a GPRS connection,which let user receives e-coupon and e-ticket “over the air”, top-up(recharge) an e-wallet or extends validity of an e-transport ore-parking card without having to queue at the cashier. The touch-screenlets the user operate the service, visualize his ticket/coupon, consultthe latest transaction, and so on. The NFC device has a secure elementSE to store the contactless application. The Secure Element is asmartcard like a microcontroller that stores and executes applicationcalled Cardlet. Each Cardlet implements the contactless service.

Through the mobile Internet connectivity, NFC devices are connected to abackend server. The backend server is used to manage applicationdownload on the NFC device and on the secure element. Through thebackend server, when a new user subscribes a service, the contactlessapplication is downloaded to the SE and the user interface is downloadedto the NFC device of the new subscriber.

The device is powered on a rechargeable battery. But it can stilloperate when the battery is empty (battery off mode), Beijing powered-upby the magnetic induction field issued from the POS. In that mode, thescreen and GPRS connection is not functional, but contactlesstransaction can still be done.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 describes the main device's functionalities of an example of aNFC device according to the invention;

FIG. 2 describes the power on/off life cycle of the NFC device example;

The layout cut of the NFC device example is illustrated in FIG. 3; and

The software stack design of the same example is showed in the FIG. 4.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS

As shown in FIG. 1, an example of NFC device according to the inventionis built around a CPU/MCU 12 with NAND flash memory and RAM 13. Thetouch-screen 10 is made of a color LCD display and an associatedTouch-Panel. The device has Internet access through a GSM/GPRS modem 11.The GPRS modem is controlled with the CPU 12. GPRS Modem 11 is connectedto CPU/MCU 12, and it can be powered on/off by CPU/MCU's GPIO. ASIM/miniSIM holder 110 will receive the SIM needed to GPRS/3Gcommunication.

The NFC device is powered with NFC FrontEnd Controller 21. The NFCFrontEnd Controller 21 is connected to Host CPU/MCU 12. NFC FrontEndController 21 is then connected to a Secure Element 16.

The NFC Device received NFC radio-frequency thought an Antenna 17designed as a external board, or as a wire wrapped and embedded into thedevice case. A specific power management module powers up the NFC part.In order to take advantage of the battery off mode, the SE 16 power pinis connected to a pin of the NFC FrontEnd Controller 21. The NFCFrontEnd Controller 21 is connected to the battery in order to have theNFC feature available event if the device is power off.

In order to let host CPU/MCU 12 access the SE 16 directly, the deviceuses a dedicated chip, a SC Reader 14. The SC reader 14 is connected tothe SE 16 with a standard ISO 7816 connection, and to the host CPU/MCU12. As the SC reader 14 is a generic micro-controller, a specialfirmware is designed to interface the Host CPU/MCU 12.

The NFC device is powered by a battery and recharged from a USBconnector. A LED indicates when the device is charging and when fullcharge level is reached. The hardware provides battery charge levelinformation.

The FIG. 2 describes an example of the NFC device's power on/off lifecycle. A two states button 21 located on the top (or on the side) of thedevice powers on/off & lock/unlock the device. The life cycle isdescribed in FIG. 2.

The device layout cut is illustrated in FIG. 3. It comprises:

-   -   a LCD/TP layer 31, connected to    -   a Printed Circuit Board (PCB) motherboard 32, connected to    -   a NFC antenna 33 and to a battery 34, and    -   the GSM antenna 17 connected to the PCB motherboard 32.

The device size is credit card format (85 mm×54 mm) and fits cabling andthe above mentioned chips/feature. The device is running a customsoftware. The high level software stack design is showed in the FIG. 4.

The NFC stack is broken into two subcomponents:

-   -   a HCl layer 41, which implements the protocol related to NFC        Front-End controller.    -   a NFC Forum specification layer with a card emulation 42, NDEF        Emulation 43 and peer-to-peer module 44. This layer implements        NFC Forum specification.        This last layer provides specific Apis 45 to let service        application control/access NFC feature of the NFC Front-End        controller.

The application layer consists in two kinds of components:

-   -   service applications 46 that implements a given service, like        e-wallet, e-coupon wallet, etc.;    -   Service Application Manager SAM 47 that manages Service        Application running on the board.        SC Reader Firmware 48 interfaces the host CPU/MCU with the SE        through an ISO7816 connection. SC Reader Driver 49 provides API        to interface Application Layer with SC reader through the SC        Reader Firmware 48.

Service Apps are under management of SAM-Home-Screen 47 (Service Appmanager). Service Apps are started or deleted through SAM 47. SAM isstarted at device startup and is always running in the background. Usercannot close/kill/terminate SAM.

SAM Maintain a list of Service Application installed on the device andshow a “cover flow” with all Service App's icons. SAM lets the userbrowse all Service App Icon and launch/starts the selected Service App.SAM monitors running Service App and bring itself to front end whenrunning Service App is terminated. (SAM always remains on thebackground).

Service App can register to SAM for NFC Activity. Service App will givethe AID of the Card application they are related to. When POS will senddata to that Card Application SAM will start the associated Service App.SAM supports read/write Smart Poster feature. When user “tap” a smartposter, SAM will pop-up a dialog and performs the actions associatedwith the tag.

Tag associated actions are:

-   -   Trigger Service App launch;    -   Trigger Service App download;    -   Trigger Service App content download;    -   Download and render a predefined simple XML format to display        text and image;    -   Send HTTP notification to the server.

The technical problem is that, the portable communication devices,generally known as smartphones, contains a secure element with a key orother encryption information determined by the manufacturer. The usersof third party applications want or need to ensure the payment data andother credentials by another security control, which is different fromthe secure element.

As disclosed in the published patent application US20120124394 (which isincorporated by reference herein), a virtual secure element is used inorder to fulfill the desire of uses for the third party application.This virtual secure element can be located on any memory accessible tothe communication device and is managed by a card management system.This card management system tracks the issuers of all cards, coupon,access control and ticket data stored in the virtual secure memory aswell as secure element in the payment subsystem. This means that thevirtual secure memory knows the key of the secure element and has accessto the internal data of the secure element. This imposes a potentialdanger to the security of system, since there is a possibility to invadethe secure element via the virtual secure element.

In order to solve this problem, the patent application US20120124394discloses that the virtual secure element may also be secured using akey or other encryption information that is stored in the secureelement. In this case, in order to access the data stored within thevirtual secure element, the card management system would need to accessand obtain the key from the secure element. Again, in this embodiment,the card management system also has access to the internal data ofsecure element.

It is important to find a method without necessity to access theinternal data of the secure element. In addition, the key of the secureelement is an inherent element from the manufacturer. For certain thirdparty, e.g. a bank, it needs to have an independent key, which is notaccessible by the manufacturer. Thus, the invention in the presentpatent application enables the joint use of internal secure element (SE)and external secure module, like service app manager (SAM) or cards inthe same module. So these two levels of secure elements guarantee thesecurity of an application jointly.

As illustrated in the FIG. 1, in order to let host CPU access thesecurity element directly, the device uses a dedicated chip, a securitycard reader, which has its owner key and is connected directly to thesecurity element with a standard ISO connection. As the security cardreader is a generic micro-controller, a special firmware is designed tointerface the host CPU. The security card reader can activate anddeactivate the security element. Furthermore, the SC reader can verifythe active/non-active status of the security element without access ofthe inherent content and data in the security element.

In this sense there is a double level of security: the internal securityby the secure element and the external security by the SC reader. Thekeys in the SC reader and keys in the SE belong to two differentidentifies. Firstly, the SE contains its inherent keys, which are set bythe manufacturer and responsible for the internal security of thesmartphone device. Then the SC reader contains another keys, which areheld only by the user, e.g. bank. For the payment and transaction, thebank verifies the key in the SC reader.

At the first level, these two keys are independent in their functions incontrolling the identification and access to this device. At the secondlevel, the SC reader is an external control to operate the SE in thesense that the SC reader can activate and deactivate the SE withoutreading, verifying or modifying the content inside the SE.

As illustrated in the FIG. 4, the application layer consists in twokinds of components: service applications that implements a give serviceand service application managers SAM that manages series applicationrunning on the board. SC reader firmware interfaces the host CPU/MCUwith the SE through an ISO connection. SC reader driver provides API tointerface application layer with SC reader through the SC readerfirmware. Thus, the SE can activate and deactivate the SAM.

The security element can realize the authentication of the keys of theSAM, and diversification of symmetric keys of the SAM. Meanwhile, theSAM can contain the key for the payment, and the bank transaction data.A list of possible application examples is given below:

1. Deploying SAM Access and Securing the SAM Access at the Same Time.

Banks or transport companies normally use SAM to secure the transactionswith credit cards or transport cards. The accesses to those SAMs areusually controlled with a code. However storing the code on theapplications of the file system in the host operation device isunsecure, it is easily to be decrypted. The usage of an internal secureelement to activate and to deactivate the SAM enables Security.

2. Securing Device and Device Connectivity without Comprising SAM.

When an operator has deployed a payment/transportation scheme with itsSAM, he still needs to cypher the communications between the devices.However, because the SAM contains the keys, this can be done with theuse of the internal secure element and hence without the need to giveaccess to the SAM.

3. Verify the Authenticity of Applications and Binary.

When deploying business applications on a mobile terminal, one islimited by the security of the operating system, e.g. android. Theinternal secure element is used to sign the applications binary in orderto ensure the security of the application.

4. Creating Dual Applications

Although deploying applications on a terminal is limited by the securityof the operation system, a duplet application type can improve thesecurity. This duplet application type consists of a couple ofapplications, one stored on the operating system (e.g. android) as anapk and the other on the internal secure element as a javacardapplication, with the business logic programmed in the secure elementjavacard application.

5. Identifying Hardware

When transaction are made on a terminal, it is essential to identify inan secure way the hardware of the host making the transaction, likeMAC/IMEI/Serial numbers/uuid are easily changeable. The internalsecurity element enables to identify securely a device. In addition, thesecurity element can identify the unique mutual ID, the private andpublic key for the communication with a platform. Furthermore, the SEcan sign the communication, the application.

The invention claimed is:
 1. A device (NFC) comprising a host CPU/MCU, amemory, a GPRS modem controlled by the CPU to access an Internet, a SIMholder, an antenna and a battery, the NFC being shaped as a credit cardand further comprising a touch-screen adapted to operate contactlessservices, visualize a ticket/coupon, and consult the latest transactionor equivalent, a secure element (SE) adapted to store and execute thecontactless applications, and a NFC Front-end controller connected tohost CPU/MCU and to the SE, the device using a dedicated SC Reader as asmartcard chip, and the SC reader being connected to the SE and to thehost CPU.
 2. The NFC device according to claim 1, wherein the antenna ison a daughterboard connected to a motherboard on which the battery isconnected.
 3. The NCF device according to claim 1, wherein thetouch-screen is a color LCD display and the associated touch-panel. 4.The NCF device according to claim 1, wherein, the SC Reader and thesecure element define a double level of security: the internal securityby the secure element and the external security by the SC reader.
 5. TheNCF device according to claim 1, wherein a specific power managementmodule powers up the NFC device with a stabilized tension, the STcontroller main power pin is connected to the power module and, in orderto take advantage of the battery off mode, the SE power pin is connectedto a ST pin.
 6. The NCF device according to claim 1, wherein the STcontroller battery pin is connected to the battery in order to have theNFC feature available event if the device is power off.
 7. The NCFdevice according to claim 4, wherein the SC reader being a genericmicro-controller, a firmware being designed to interface the Host CPU.8. The NCF device according to claim 1, wherein the NCF device layoutcomprises a TFT layer connected to a printed circuit board PCBmotherboard connected to a PCB antenna daughterboard and to a battery,and the GSM antenna connected to the TFT layer and to the PCBmotherboard.
 9. The NFC device according to claim 1, further comprisinga software components stack broken into two subcomponents: a HCl layer,which implements the protocol related to ST command via a driver, and aNFC Forum specification layer with a card emulation, NDEF Emulation anda peer-to-peer module.
 10. The NFC device according to claim 9, whereinthe NFC Forum specification layer provides applications in two kinds ofcomponents: service applications that implements a given service, and aservice application Manager that manages the service application runningon the board.
 11. A connection system of Near Field Communicationdevices (NFC), the system comprising: a host CPU/MCU, a memory, a GPRSmodem controlled by the CPU to access an Internet, a SIM holder, and abattery, the NFC further comprising a touch-screen adapted to operate acontactless application, visualize a ticket/coupon, and consult thelatest transaction or equivalent, a secure element (SE) adapted to storeand execute the contactless application, and a NFC Front-end controllerconnected to host CPU/MCU and to the SE; and the NFC devices beingconnected through the mobile Internet and the GPRS connection to abackend server to manage application download on the SE of the NFCdevices and, when a new user subscribes a service, the contactlessapplication is downloaded to the SE and the user interface is downloadedto the NFC device of the new user.